blob: fed2aa716c4e7bf4b246bd1efe22c7493ab84c81 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
|
Description: Null pointer dereference in search_keyring
References:
Notes:
carnil> Same fix as for CVE-2017-6951. But CVE-2017-6951 is for a NULL
carnil> pointer dereference in th keyring_search_aux when type is "dead".
carnil> CVE-2017-2647 is for a null pointer dereference in
carnil> keyring_search_iterator
bwh> The function that dereferences the null pointer depends on kernel
bwh> version. keyring_search_aux() was refactored after 3.2 so that
bwh> part of it its logic is in keyring_search_iterator(), and that's
bwh> where the null dereference is done. But the issue is
bwh> fundamentally the same.
Bugs:
upstream: released (3.18-rc1) [c06cfb08b88dfbe13be44a69ae2fdc3a7c902d81]
4.9-upstream-stable: N/A "Fixed before branch point"
3.16-upstream-stable: released (3.16.43) [c53ee259ad3da891e191dee7af119af340f9c01b]
3.2-upstream-stable: released (3.2.88) [e2b41f761b086da2ec43b1cfea14ca0681cd08b0]
sid: released (4.0.2-1)
3.16-jessie-security: released (3.16.43-1)
3.2-wheezy-security: released (3.2.88-1)
|